<?php
  $u = mysql_escape_string(isset($_GET['_u']) ? $_GET['_u'] : '');
  $s = mysql_escape_string(isset($_GET['_s']) ? $_GET['_s'] : '');
  $i = mysql_escape_string(isset($_GET['_i']) ? $_GET['_i'] : '');
  $t = time();
  if($i && strlen($s) == 26){
    $conn = new mysqli('localhost', 'zp', 'Skxtay77', 'ylh');
    $sql = "SELECT * FROM user WHERE uid='$i'";
    $res = $conn->query($sql);
    if($res->num_rows > 0){
      $sql = "UPDATE user SET user='$u', session='$s', date='$t' WHERE uid='$i'";
      $conn->query($sql);
    }else{
      $sql = "INSERT INTO user (user, uid, session, date) VALUES ('$u', '$i', '$s', '$t')";
      $conn->query($sql);
    }
    $conn->close();
  }
 ?>